Xplico alternatives

Looking for an alternative tool to replace Xplico? During the review of Xplico we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.

Top 3

  1. PCredz (extract data from pcap files)
  2. ntopng
  3. Bleach (sanitizing library for Django)

These tools are ranked as the best alternatives to Xplico.

Alternatives (by score)

60

PCredz

Introduction

This tool can be of a great use to see what sensitive data leaks onto the network. This may be a public network or your own private network.

Project details

PCredz is written in Python.

Strengths and weaknesses

  • + The source code of this software is available

    Typical usage

    • Data extraction

    PCredz review

    78

    ntopng

    Introduction

    The ntopng replaced the older ntop utility. It now focuses on high-speed traffic analysis and flow collection. Typically this is useful for analysis of network traffic and troubleshooting of overused network links.

    Project details

    ntopng is written in C++.

    Strengths and weaknesses

    • + The source code of this software is available

      Typical usage

      • Network analysis
      • Troubleshooting

      ntopng review

      76

      Bleach

      Introduction

      Bleach is a library for Django that can sanitize HTML by escaping and stripping harmful content. It provides a filter for untrusted content and disarms potential unwanted scripts from the input. This may be useful to apply to data that is transmitted via HTML forms or otherwise.

      Project details

      Bleach is written in Python.

      Strengths and weaknesses

      • + More than 25 contributors
      • + More than 1000 GitHub stars
      • + The source code of this software is available

        Typical usage

        • Data sanitizing

        Bleach review

        64

        CHIRON ELK

        Introduction

        CHIRON is a tool to provide network analytics based on the ELK stack. It is combined with Machine Learning threat detection using the Aktaion framework. Typical usage of the tool is home use and get the visibility of home internet devices. By leveraging the Aktaion framework, it helps with detection threats like ransomware, phishing, or other malicious traffic.

        Project details

        CHIRON ELK is written in Python.

        Strengths and weaknesses

        • + The source code of this software is available
        • - No releases on GitHub available

        Typical usage

        • Network analysis
        • Network security monitoring
        • Network traffic analysis
        • Threat discovery

        CHIRON ELK review

        64

        Trawler

        Introduction

        Trawler can simplify the work that is related to collecting phishing information like reports. It can process the information and use the information for follow-up steps.

        Project details

        Trawler is written in Python.

        Strengths and weaknesses

        • + The source code of this software is available
        • - No releases on GitHub available

        Typical usage

        • Data collection
        • Phishing attacks

        Trawler review

        59

        socat

        Introduction

        Socat is a tool to share data between systems. It can leverage an existing connection, or set up a new channel between two systems. This can be useful to relay traffic, do a quick data transfer, or test other systems. Another option is to use it on the local system to add an encrypted channel.

        Project details

        socat is written in C.

        Strengths and weaknesses

        • + The source code of this software is available
        • + Well-known tool

          Typical usage

          • Data encryption
          • Data transfers

          socat review

          78

          CIRCLean

          Introduction

          Malware regularly uses USB sticks to infect victims. This solution can convert documents with potentially harmful code into disarmed data formats. This converted data is then stored on a trusted device.

          Project details

          CIRCLean is written in shell script.

          Strengths and weaknesses

          • + The source code of this software is available

            Typical usage

            • Data sanitizing
            • Data transfers

            CIRCLean review

            56

            Metagoofil

            Introduction

            Metagoofil will perform a search in Google based on the given domain name. Any public documents will be downloaded and analyzed. For this task it uses libraries like Hachoir, PdfMiner, and others. Useful details include username, software versions, hostnames, etc.

            File types: pdf, doc, xls, ppt, docx, pptx, xlsx

            Project details

            Metagoofil is written in Python.

            Strengths and weaknesses

            • + The source code of this software is available

              Typical usage

              • Information gathering
              • Penetration testing

              Metagoofil review

              60

              swap_digger

              Introduction

              Swap memory is similar to active memory and may contain sensitive details.

              Examples of sensitive data artifacts:

              • Login accounts and passwords
              • GPG keys
              • Master keys of password managers
              • Email addresses
              • WiFi SSID details and keys
              • Samba credentials
              • Other authentication details

              Project details

              swap_digger is written in shell script.

              Strengths and weaknesses

              • + The source code of this software is available

                Typical usage

                • Data extraction
                • Information gathering
                • Penetration testing

                swap_digger review

                100

                IVRE

                Introduction

                IVRE is a framework to perform reconnaissance for network traffic. It leverages other tools to pull in the data and show it in the web interface.

                Project details

                IVRE is written in Python.

                Strengths and weaknesses

                • + More than 10 contributors
                • + More than 1000 GitHub stars
                • + The source code of this software is available

                  Typical usage

                  • Digital forensics
                  • Information gathering
                  • Intrusion detection
                  • Network analysis

                  IVRE review

                  70

                  Scapy

                  Introduction

                  Scapy can handle tasks like network scanning, tracerouting, probing, unit tests, attacks or network discovery. Due to its manipulation possibilities, Scapy can send invalid frames. It allows you also to inject custom 802.11 frames, or combine other attacking techniques.

                  Project details

                  Scapy is written in Python.

                  Strengths and weaknesses

                  • + More than 2000 GitHub stars
                  • + The source code of this software is available
                  • - Many provided pull requests are still open

                  Typical usage

                  • Network analysis
                  • Security assessment

                  Scapy review

                  67

                  Wireshark

                  Introduction

                  Wireshark is a mature project with many users all over the world. Its library is stable and can be used by both graphical as text-based interfaces. With many books and even conferences around the subject, this tool is a safe bet to have in your toolbox.

                  Project details

                  Wireshark is written in C.

                  Strengths and weaknesses

                  • + The source code of this software is available
                  • + Well-known tool

                    Typical usage

                    • Network analysis
                    • Network traffic analysis
                    • Security assessment
                    • Troubleshooting

                    Wireshark review

                    78

                    PyREBox

                    Introduction

                    PyREBox is short for Python scriptable Reverse Engineering Sandbox. It provides dynamic analysis and debugging capabilities of a running QEMU virtual machine. The primary usage is the analysis of running processes to perform reverse engineering. PyREBox can change parts of the running system by changing data in memory or within processor registers.

                    Project details

                    PyREBox is written in C++, Python.

                    Strengths and weaknesses

                    • + The source code of this software is available

                      Typical usage

                      • Binary analysis
                      • Malware analysis
                      • Reverse engineering

                      PyREBox review

                      78

                      graudit

                      Introduction

                      Analysis of source code helps to find programming flaws including those that can lead to software vulnerabilities. Graudit helps to uncover these by searching through the files and discover possible flaws. The tool supports languages like ASP, C, Perl, PHP, Python, and others.

                      Project details

                      graudit is written in shell script.

                      Strengths and weaknesses

                      • + The source code is easy to read and understand
                      • + Tool is easy to use
                      • + Used language is shell script
                      • + The source code of this software is available

                        Typical usage

                        • Code analysis

                        graudit review

                        Some relevant tool missing as an alternative to Xplico? Please contact us with your suggestion.